It’s 2018 ~ Define Your whole Cloud infrastructure via Terraform

I still remember those days (back in 2006-07) when I started my career as an IT consultant in a telecom R&D centre, where I used to administer Subversion & CVS repositories running on diversified Linux platforms. I considered it a dark age where fear of downtime, fear of accidental misconfiguration and slow networks impacted the overall development, testing & go-to-market process.

Thanks to today’s DevOps era, we now have a better way to do things: Infrastructure-as-Code (IaC). The goal of DevOps is to deliver software more efficiently, and that requires tools that make delivery quick and efficient. This is where tools like Terraform help companies with infrastructure as code and automation.

Terraform is an open source tool that allows you to define infrastructure for a variety of cloud providers (e.g. AWS, Azure, Google Cloud, DigitalOcean, etc.) using a simple, declarative programming language and to deploy and manage that infrastructure using a few CLI commands. Terraform is a tool to Build, Change and Version Control your Infrastructure.

Building Infrastructure includes:

Talking to Multiple Cloud/Infrastructure Provider

Ensuring Creation & Consistency

Express in an API-agnostic DSL

Change Infrastructure includes:

Apply Incremental Changes

Destroy when needed

Preview Changes

Scale Easily

Version Control includes:

HCL (HashiCorp Configuration Language)

State file (don’t store it in a GitHub repo)

Wait a sec... I have been using Ansible & Puppet. How is Terraform different from these CM tools?

You might have used technologies like Ansible, Chef, or Puppet to automate and provision software. Terraform starts from the same principle, infrastructure as code, but focuses on the automation of the infrastructure itself. Your whole Cloud infrastructure (instances, volumes, networking, IPs) can be easily defined in Terraform.

Chef, Puppet & Ansible are “Configuration management” tools whereas Terraform is actually an orchestration tool. Terraform is designed to provision the servers themselves. Tools like Chef, Puppet, & Ansible typically default to a mutable infrastructure paradigm, which means that if you tell Puppet to install a new version of Docker, it’ll run the software update on your existing servers and the changes will happen in place. If you’re using an orchestration tool such as Terraform to deploy machine images created by Docker or Packer, then every “change” is actually a deployment of a new server (just like every “change” to a variable in functional programming actually returns a new variable). I recommend reading this if you have spare time to deep-dive into use cases around Terraform.

In this blog post, I will show you how to run your first Docker Web container on Google Cloud Platform using Terraform in just 5 minutes. I will be running the commands below on macOS High Sierra v10.13.3.

Installing Terraform on macOS

Installing Terraform on macOS is super easy. You are just a “brew-far”.

Change directory to Terraform-GCP location

As I am planning to write dozens of articles around Terraform as IaC, I have arranged them under the automation/terraform/<platform> folder. You can keep an eye on this repository to learn more from my exploration:

Let us spend some time understanding the essential concepts of Terraform before we move ahead.

A Quick Look at Terraform Module

Modules in the Terraform ecosystem are a way to organize the code to be more reusable, to avoid code duplication & to improve the code organisation and its readability. By using modules, you will save time because you write the code once, test it and reuse it many times with different parameters.

The main.tf below is the main configuration file for Terraform. It starts with the definition of a provider, which is responsible for understanding API interactions and exposing resources. Providers are generally IaaS (e.g. AWS, GCP, Microsoft Azure, OpenStack), PaaS (e.g. Heroku), or SaaS services (e.g. Terraform Enterprise, DNSimple, CloudFlare). The Google Cloud provider is used to interact with Google Cloud services. The provider needs to be configured with the proper credentials before it can be used. We are targeting Google Cloud as our provider, so the definition looks like the one shown below:

If you have used Google Cloud in the past, you will surely find it easy to understand. If not, I suggest you get your hands dirty by creating your first Google Cloud instance and running your first Docker container.

File: variables.tf

Input variables serve as parameters for a Terraform module. When used in the root module of a configuration, variables can be set from CLI arguments and environment variables. Below is the variables file for our GCP instance, which specifies the region, project ID, credential file, and private and public SSH keys.

Download the credential File from Google Cloud Console

You need to download the credential file that contains your service account private key in JSON format. You can download your existing Google Cloud service account file from the Google Cloud Console, or you can create a new one from the same page.

Ensure that you create an empty directory .gcloud under the home directory and place this JSON file under this location.

[Captains-Bay]? > mkdir ~/.gcloud
[Captains-Bay]? > cd ~/.gcloud/
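The key-placement step above, together with the earlier note about keeping the state file out of GitHub, as an added shell example that is not from the original post. The function names are hypothetical and the key content in the demo is constructed.

```bash
#!/usr/bin/env bash
# Added example, not from the original post; function names are hypothetical.

# Copy a service-account key into a private directory (default: ~/.gcloud).
# Directory ends up 0700 and the key 0600, so other local users cannot read it.
install_gcp_key() (
  src=$1
  dest_dir=${2:-"$HOME/.gcloud"}
  umask 077
  mkdir -p "$dest_dir" && chmod 700 "$dest_dir" || exit 1
  cp "$src" "$dest_dir/" && chmod 600 "$dest_dir/$(basename "$src")"
)

# Succeed only if group and others have no permission bits on the path.
# Reads the mode column of `ls -ld`, which is the same on macOS and Linux.
is_private() {
  [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# Print files under a Terraform working directory that must stay out of Git:
# state files (they can hold secrets in plain text) and JSON key files.
find_sensitive_files() {
  find "$1" -name .git -prune -o -type f \
    \( -name '*.tfstate' -o -name '*.tfstate.*' \) -print
  find "$1" -name .git -prune -o -type f -name '*.json' \
    -exec grep -q '"private_key"' {} \; -print
}

# Demo on constructed data in a throwaway directory (not a real key).
demo() (
  work=$(mktemp -d) || exit 1
  mkdir -p "$work/repo"
  printf '{"type":"service_account","private_key":"CONSTRUCTED"}\n' \
    > "$work/repo/sa-key.json"
  : > "$work/repo/terraform.tfstate"
  install_gcp_key "$work/repo/sa-key.json" "$work/.gcloud"
  is_private "$work/.gcloud/sa-key.json" && echo "key is private"
  echo "do not commit:"; find_sensitive_files "$work/repo"
  rm -rf "$work"
)
demo
```

Run `find_sensitive_files` over the working directory before the first commit and add whatever it prints to `.gitignore`.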

Terraform

The terraform init command is used to initialize a working directory containing Terraform configuration files. This is the first command that should be run after writing a new Terraform configuration or cloning an existing one from version control. By default, terraform init assumes that the working directory already contains a configuration and will attempt to initialize that configuration. You can run this command multiple times; it’s safe!